rpki/deploy/bird/README.md
xiuting.xu cef9495534 add bird deploy
add data
add certs
2026-04-23 15:13:50 +08:00


# BIRD Minimal RTR Client Config
This folder provides a minimal BIRD setup for black-box interop testing
against this repository's RTR server defaults.
Server defaults in this repo:
- TCP: `0.0.0.0:323`
- SSH: `0.0.0.0:22` (when enabled on server)
## Files
- `Dockerfile`: builds a minimal BIRD2 runtime image.
- `bird.conf.example`: sample `/etc/bird/bird.conf`.
- `bird.conf.ssh.example`: sample SSH transport `/etc/bird/bird.conf`.
- `entrypoint.sh`: starts BIRD in foreground mode.
- `docker-compose.yml`: one-click local TCP test client.
- `docker-compose.ssh.yml`: compose override for SSH transport.

By default, the container prints periodic RPKI protocol snapshots to logs
every 30 seconds.
## Docker quick start
From repository root:
```bash
docker compose -f deploy/bird/docker-compose.yml up --build
```
Use another terminal to inspect:
```bash
docker logs -f bird-rpki-client
```
If protocol state is `up`, the RTR client path is working.
Detached mode:
```bash
docker compose -f deploy/bird/docker-compose.yml up -d --build
docker logs -f bird-rpki-client
```
Stop:
```bash
docker compose -f deploy/bird/docker-compose.yml down
```
## SSH quick start
Start server in SSH mode first:
```bash
docker compose -f deploy/server/docker-compose.ssh.yml up -d --build
```
Start BIRD client with SSH override:
```bash
docker compose \
  -f deploy/bird/docker-compose.yml \
  -f deploy/bird/docker-compose.ssh.yml \
  up --build
```
In detached mode, observe with:
```bash
docker logs -f bird-rpki-client
```
## Notes
- This setup targets RTR over TCP (`remote "host.docker.internal" port 323`).
- `network_mode: host` expects your RTR server to be reachable at
  `host.docker.internal:323` from the container.
- Observation is controlled by env vars:
  `OBSERVE_INTERVAL` (seconds, default `30`) and `OBSERVE_PROTO`.
- SSH mode mounts `../../certs` into `/config/ssh` and expects:
  `bird-rtr-client.pem` and `ssh_host_rsa_key.pub`.
- Entrypoint auto-generates `/run/bird/known_hosts` from
  `/config/ssh/ssh_host_rsa_key.pub` for BIRD SSH host-key verification.
- If your environment does not support Docker host networking, switch to a
  bridge network and replace `remote` addresses accordingly.
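
The SSH notes above rely on two mounted files being sane before BIRD starts. The following is an added example, not this repository's `entrypoint.sh`: one way to check the client key's permissions and to build a pinned `known_hosts` line from the host public key. The function names, the argument order, and the host name and port passed in are assumptions; use the `remote` address from your own `bird.conf`.

```shell
#!/usr/bin/env bash
# Added example, not this repository's entrypoint.sh. Function names and
# argument order are assumptions made for this sketch.

# Succeed only if the client private key exists and grants no access to
# group or other (permission columns 5-10 of `ls -l` must all be "-").
check_client_key() {
    local key="$1" mode
    [ -f "$key" ] || { echo "missing client key: $key" >&2; return 1; }
    mode=$(ls -ld "$key" | cut -c5-10)
    [ "$mode" = "------" ] || { echo "client key readable by group/other: $key" >&2; return 1; }
}

# Print one known_hosts line for HOST[:PORT] from an OpenSSH public key file.
# Rejects a file holding more than one key, and a key whose base64 blob does
# not embed the same algorithm name as the text in front of it.
known_hosts_line() {
    local pub="$1" host="$2" port="${3:-22}" type="" blob="" rest="" embedded name
    [ -f "$pub" ] || { echo "missing host key: $pub" >&2; return 1; }
    [ "$(grep -c . "$pub")" -eq 1 ] || { echo "expected exactly one key in $pub" >&2; return 1; }
    read -r type blob rest < "$pub" || true   # tolerate a missing final newline
    [ -n "$type" ] && [ -n "$blob" ] || { echo "malformed key line in $pub" >&2; return 1; }
    # Key blob wire format: 4-byte length, then the algorithm name.
    embedded=$(printf '%s' "$blob" | base64 -d 2>/dev/null | tail -c +5 | head -c "${#type}")
    [ "$embedded" = "$type" ] || { echo "key type mismatch in $pub" >&2; return 1; }
    # Port 22 uses the bare host name; other ports use the [host]:port form.
    if [ "$port" = 22 ]; then name="$host"; else name="[$host]:$port"; fi
    printf '%s %s %s\n' "$name" "$type" "$blob"
}

# Example use with the paths from the notes above (host and port assumed):
#   check_client_key /config/ssh/bird-rtr-client.pem &&
#   known_hosts_line /config/ssh/ssh_host_rsa_key.pub host.docker.internal 22 \
#       > /run/bird/known_hosts
```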